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AMENDMENTS TO THE CLAIMS 

Listing of claims: 

1. (Currently Amended) A key distribution method applied in the Next Generation Network 
comprising a terminal, a soft switch and an authentication center, comprising: 

the terminal sending a registration request message to the soft switch for a registration; 

the soft switch sending an authentication request message to the authentication center for 
the authentication for the terminal; and 

the authentication center authenticating the terminal, generating a session key for the 
terminal and the soft switch, and sending the session key to the soft switch, so as to be 
distributed to the terminal upon a successful authentication; 

wherein the step of the authentication center authenticating the terminal comprises: 

the authentication center generating a first verification word for the terminal according to 
a key Kc shared with the terminal, encrypting the session key with the shared key Kc, and 
returning the encrypted session key and the first verification word to the soft switch; 

the soft switch returning a registration failure response message to the terminal to notify 
the terminal of a registration failure; 

the terminal generating a second verification word according to the key Kc shared with 
the authentication center, and sending a registration message containing the second verification 
word to the soft switch for a registration again; and 

the soft switch authenticating the terminal according to the first verification word and the 
second verification word; 

wherein the step of the soft switch distribut i ng the session key to the terminal comprises: 
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the soft switch returning to the terminal a reg istration success response message 
containing the session key encrypted with the shared key Kc, and sending a terminal 
authentication success message to the authentication center; and 

the terminal decrypting the session k ey encrypted by the authentication center according 
to the shared key Kc . 

2.-3. (Canceled) 

4. (Currently Amended) The key distribution method according to clai m 3 - claim 1 , wherein the 
method further comprises: 

the terminal sending to the soft switch a list of security mechanisms supported by the 
terminal and priority information of each security mechanism; 

the soft switch choosing an appropriate security mechanism for communication according 
to the list of security mechanisms and the priority information of each security mechanism of the 
terminal. 

5. (Previously Presented) The key distribution method according to claim 1 , 

wherein the registration request message and the registration message are SEP protocol 
registration messages, and the registration failure response message is a SIP protocol response 
message; or 

wherein the registration request message is a system restart message and a corresponding 
response message in the MGCP protocol, the registration failure response message is a 
notification request message and a corresponding response message in the MGCP protocol, and 
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the registration message comprises a notification message and a corresponding response message 
in the MGCP protocol; or 

wherein the registration request message comprises a system service status change 
message and a corresponding response message in the H.248 protocol, the registration failure 
response message is an attribute modification message and a corresponding response message in 
the H.248 protocol, and the registration message comprises a notification message and a 
corresponding response message in the H.248 protocol; or 

wherein the registration request message is a gatekeeper request message in the H.323 
protocol, the registration failure response message is a gatekeeper rejection message in the H.323 
protocol, and the registration message is a registration request message in the H.323 protocol. 

6. (Canceled) 

7. (Currently Amended) The key distribution method according to claim 3 claim 1 , 

wherein the registration request message and the registration message are SIP protocol 
registration messages, the registration failure response message is a SIP protocol response 
message, and the registration success response message is a SIP protocol registration request 
success message; or 

wherein the registration request message is a system restart message and a corresponding 
response message in the MGCP protocol, the registration failure response message and the 
registration success response message are a notification request message and a corresponding 
response message in the MGCP protocol, and the registration message comprises a notification 
message and a corresponding response message in the MGCP protocol; or 
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wherein the registration request message comprises a system service status change 
message and a corresponding response message in the H.248 protocol, the registration failure 
response message and the registration success response message are an attribute modification 
message and a corresponding response message in the H.248 protocol, and the registration 
message comprises a notification message and a corresponding response message in the H.248 
protocol; or 

wherein the registration request message is a gatekeeper request message in the H.323 
protocol, the registration failure response message is a gatekeeper rejection message in the H.323 
protocol, the registration message is a registration request message in the H.323 protocol, and the 
registration success response message is a registration success message in the H.323 protocol. 

8. (Previously Presented) The key distribution method according to claim 4, 

wherein the registration request message and the registration message are SIP protocol 
registration messages, the registration failure response message is a SIP protocol response 
message, and the registration success response message is a SIP protocol registration request 
success message; or 

wherein the registration request message is a system restart message and a corresponding 
response message in the MGCP protocol, the registration failure response message and the 
registration success response message are a notification request message and a corresponding 
response message in the MGCP protocol, and the registration message comprises a notification 
message and a corresponding response message in the MGCP protocol; or 

wherein the registration request message comprises a system service status change 
message and a corresponding response message in the H.248 protocol, the registration failure 
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response message and the registration success response message are an attribute modification 
message and a corresponding response message in the H.248 protocol, and the registration 
message comprises a notification message and a corresponding response message in the H.248 
protocol; or 

wherein the registration request message is a gatekeeper request message in the H.323 
protocol, the registration failure response message is a gatekeeper rejection message in the H.323 
protocol, the registration message is a registration request message in the H.323 protocol, and the 
registration success response message is a registration success message in the H.323 protocol. 

9. (Currently Amended) A key distribution method applied in the Next Generation Network 
comprising a terminal, a signaling proxy, a soft switch and an authentication center, comprising: 

the terminal sending a registration request message through the signaling proxy to the 
soft switch for a registration; 

the soft switch sending an authentication request message to the authentication center for 
the authentication for the terminal; and 

the authentication center authenticating the terminal, generating a session key for the 
terminal and the signaling proxy, and sending the session key to the soft switch, so as to be 
distributed through the signaling proxy to the terminal upon a successful authentication; 

wherein the step of the authentication center authenticating the terminal comprises: 

the authentication center generating a first verification word for the terminal according to 
a key Kc shared with the terminal and a key Ksp shared with the signaling proxy, encrypting the 
session key respectively with the shared key Kc and the shared key Ksp, and returning the 
encrypted session key and the first verification word to the soft switch; 
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the soft switch returning a registration failure response message through the signaling 
proxy to the terminal to notify the terminal of a registration failure; 

the terminal generating a second verification word according to the key Kc shared with 
the authentication center, and sending a registration message containing the second verification 
word to the signaling proxy to be forwarded to the soft switch for a registration again; and 

the soft switch authenticating the terminal according to the first verification word and the 
second verification word; 

wherein the step of the soft switch distributing the session key to the term inal compri ses: 

the soft switch forwarding to the signaling proxy a terminal registration success response 
message containing the session key encrypted by the authentication cente r res pectively with the 
shared keys Kc and Ksp, and the signaling proxy decrypting with the shared key Ksp the session 
key encrypted by the authentication center with the shared key K s p, calculating a message 
verification word for the registration success response message with the decrypted session key, 
and forwarding to the terminal the registration success response message containing the message 
verification word and the session key encrypted with the shared key Kc; and 

the terminal decrypting the session key encrypted by the authentication center according 
to the shared key Kc, and authenticating with the decrypted session key the message 
authentication word of the message returned from the signaling proxy so as to authenticate an 
identity of the signaling proxy, an integrity of the message and whether security mechanism 
parameters of the terminal returned from the signaling proxy are correct . 

10. -11. (Canceled) 
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12. (Currently Amended) The key distribution method according to-ekuffl-44- claim 9 , wherein 
the method further comprises: 

the terminal sending to the signaling proxy a list of security mechanisms supported by the 
terminal and priority information of each security mechanism, and the signaling proxy choosing 
an appropriate security mechanism for communication according to the security mechanisms 
supported by the terminal and the priority information of each security mechanism. 

13. (Currently Amended) The key distribution method according to claim 9, 

wherein the registration request message and the registration message are SIP protocol 
registration messages, and the registration failure response message is a SEP protocol response 
message [[,]]; or 

wherein the registration request message comprises a system restart message and a 
corresponding response message in the MGCP protocol, the registration failure response 
message is a notification request message and a corresponding response message in the MGCP 
protocol, and the registration message comprises a notification message and a corresponding 
response message in the MGCP protocol; or 

wherein the registration request message comprises a system service status change 
message and a corresponding response message in the H.248 protocol, the registration failure 
response message is an attribute modification message and a corresponding response message in 
the H.248 protocol, and the registration message comprises a notification message and a 
corresponding response message in the H.248 protocol; or 
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wherein the registration request message is a gatekeeper request message in the H.323 
protocol, the registration failure response message is a gatekeeper rejection message in the H.323 
protocol, and the registration message is a registration request message in the H.323 protocol. 

14. (Canceled) 

15. (Currently Amended) The key distribution method according to-eIaHH-44 claim 9 , 

wherein the registration request message and the registration message are SIP protocol 
registration messages, the registration failure response message is a SIP protocol response 
message, and the registration success response message is a SIP protocol registration request 
success message; or 

wherein the registration request message comprises a system restart message and a 
corresponding response message in the MGCP protocol, the registration failure response 
message and the registration success response message are a notification request message and a 
corresponding response message in the MGCP protocol, and the registration message comprises 
a notification message and a corresponding response message in the MGCP protocol; or 

wherein the registration request message comprises a system service status change 
message and a corresponding response message in the H.248 protocol, the registration failure 
response message and the registration success response message are an attribute modification 
message and a corresponding response message in the H.248 protocol, and the registration 
message comprises a notification message and a corresponding response message in the H.248 
protocol; or 
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wherein the registration request message is a gatekeeper request message in the H.323 
protocol, the registration failure response message is a gatekeeper rejection message in the H.323 
protocol, the registration message is a registration request message in the H.323 protocol, and the 
registration success response message is a registration success message in the H.323 protocol. 

16. (Previously Presented) The key distribution method according to claim 12, 

wherein the registration request message and the registration message are SIP protocol 
registration messages, the registration failure response message is a SIP protocol response 
message, and the registration success response message is a SIP protocol registration request 
success message; or 

wherein the registration request message comprises a system restart message and a 
corresponding response message in the MGCP protocol, the registration failure response 
message and the registration success response message are a notification request message and a 
corresponding response message in the MGCP protocol, and the registration message comprises 
a notification message and a corresponding response message in the MGCP protocol; or 

wherein the registration request message comprises a system service status change 
message and a corresponding response message in the H.248 protocol, the registration failure 
response message and the registration success response message are an attribute modification 
message and a corresponding response message in the H.248 protocol, and the registration 
message comprises a notification message and a corresponding response message in the H.248 
protocol; or 

wherein the registration request message is a gatekeeper request message in the H.323 
protocol, the registration failure response message is a gatekeeper rejection message in the H.323 
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protocol, the registration message is a registration request message in the H.323 protocol, and the 
registration success response message is a registration success message in the H.323 protocol. 



17.-20. (Canceled) 



